How to fix WordPress locked error from wp-admin login by jetpack plugin?

You should now be able to login again, and this issue shouldn’t repeat itself. Jetpack’s Protect function looks at the incoming IP address when you try to login, and compares it against our network of blocked IPs. This works pretty well, unless Jetpack’s Protect is being told the wrong IP address by your site’s server. In your case, your server was reporting its own IP address to Protect, which is why it was blocked. This meant that every single time someone with a WordPress site on your site’s server entered the wrong password, we thought it was the same person. If your hosting provider has several hundred WordPress sites on the same server/IP, that adds up fast, leading to a ban on the IP.

I’ve made a couple of changes on our side, and Jetpack’s Protect feature will now determine incoming IP addresses a different way. You’re still protected!

– Jeremy Herve (@jeherve) – Plugin author

Solution:

Whitelisting Your IP Address

Whitelisting may be necessary if you’ve made too many failed log in attempts to your site. There are three methods for whitelisting your IP address:

If you have access to your site and you’ve not been blocked, you can enter your IP or IPv6 address(es) by going to Jetpack → Settings → Security → Brute force attack protection.
If you are blocked from entering your site, you can enter the IP or IPv6 address(es) via WordPress.com by visiting My Sites → Settings → Security → Prevent brute force login attacks
You can also whitelist one IP address by setting it as the JETPACK_IP_ADDRESS_OK constant in your wp-config.php like this:

define('JETPACK_IP_ADDRESS_OK', 'X.X.X.X');

You can find your IP by visiting any of the following sites:

www.whatismyip.com
www.whatismyipaddress.com

References:

https://jetpack.com/support/security-features/#unblock
https://wordpress.org/support/topic/jetpack-has-locked-your-sites-login-page/#post-10069377

List of really good and important plugins for WordPress

I am listing a few common yet very useful plugins we can utilize for our WordPress websites:

Limit Login Attempts

Limit the number of login attempts that possible both through the normal login as well as using the auth cookies.
WordPress by default allows unlimited login attempts either through the login page or by sending special cookies. This allows passwords (or hashes) to be cracked via brute-force relatively easily.
Limit Login Attempts Reloaded blocks an Internet address from making further attempts after a specified limit on retries has been reached, making a brute-force attack difficult or impossible.

Features:

  • Limit the number of retry attempts when logging in (per each IP). This is fully customizable.
  • Limit the number of attempts to log in using authorization cookies in the same way.
  • Informs the user about the remaining retries or lockout time on the login page.
  • Optional logging and optional email notification.
  • Handles server behind the reverse proxy.
  • It is possible to whitelist/blacklist IPs and Usernames.
  • Sucuri Website Firewall compatibility.
  • XMLRPC gateway protection.
  • Woocommerce login page protection.
  • Multi-site compatibility with extra MU settings.
  • GDPR compliant. With this feature turned on, all logged IPs get obfuscated (md5-hashed).

Wordfence security

Wordfence includes an endpoint firewall and malware scanner that were built from the ground up to protect WordPress. Our Threat Defense Feed arms Wordfence with the newest firewall rules, malware signatures and malicious IP addresses it needs to keep your website safe. Rounded out by a suite of additional features, Wordfence is the most comprehensive WordPress security solution available.

WORDPRESS FIREWALL

  • Web Application Firewall identifies and blocks malicious traffic. Built and maintained by a large team focused 100% on WordPress security.
  • [Premium] Real-time firewall rule and malware signature updates via the Threat Defense Feed (free version is delayed by 30 days).
  • [Premium] Real-time IP Blacklist blocks all requests from the most malicious IPs, protecting your site while reducing load.
  • Protects your site at the endpoint, enabling deep integration with WordPress. Unlike cloud alternatives does not break encryption, cannot be bypassed and cannot leak data.
  • Integrated malware scanner blocks requests that include malicious code or content.
  • Protection from brute force attacks by limiting login attempts, enforcing strong passwords and other login security measures.

WORDPRESS SECURITY SCANNER

  • Malware scanner checks core files, themes and plugins for malware, bad URLs, backdoors, SEO spam, malicious redirects and code injections.
  • [Premium] Real-time malware signature updates via the Threat Defense Feed (free version is delayed by 30 days).
  • Compares your core files, themes and plugins with what is in the WordPress.org repository, checking their integrity and reporting any changes to you.
  • Repair files that have changed by overwriting them with a pristine, original version. Delete any files that don’t belong easily within the Wordfence interface.
  • Checks your site for known security vulnerabilities and alerts you to any issues. Also alerts you to potential security issues when a plugin has been closed or abandoned.
  • Checks your content safety by scanning file contents, posts and comments for dangerous URLs and suspicious content.
  • [Premium] Checks to see if your site or IP have been blacklisted for malicious activity, generating spam or other security issue.

SECURITY TOOLS

  • With Live Traffic, monitor visits and hack attempts not shown in other analytics packages in real time; including origin, their IP address, the time of day and time spent on your site.
  • [Premium] Stop brute force attacks permanently by using two factor authentication, one of the most secure forms of remote system authentication available.
  • Block attackers by IP or build advanced rules based on IP Range, Hostname, User Agent and Referrer.

W3 Total Cache

W3 Total Cache improves the SEO and user experience of your site by increasing website performance, reducing download times via features like content delivery network (CDN) integration.

The only web host agnostic WordPress Performance Optimization (WPO) framework recommended by countless web developers and web hosts. Trusted by numerous companies like: AT&T, stevesouders.com, mattcutts.com, mashable.com, smashingmagazine.com, makeuseof.com, kiss925.com, pearsonified.com, lockergnome.com, johnchow.com, ilovetypography.com, webdesignerdepot.com, css-tricks.com and tens of thousands of others.

An inside look:

BENEFITS

  • Improvements in search engine result page rankings, especially for mobile-friendly websites and sites that use SSL
  • At least 10x improvement in overall site performance (Grade A in WebPagetest or significant Google Page Speed improvements) when fully configured
  • Improved conversion rates and “site performance” which affect your site’s rank on Google.com
  • “Instant” repeat page views: browser caching
  • Optimized progressive render: pages start rendering quickly and can be interacted with more quickly
  • Reduced page load time: increased visitor time on site; visitors view more pages
  • Improved web server performance; sustain high traffic periods
  • Up to 80% bandwidth savings via minify and HTTP compression of HTML, CSS, JavaScript and feeds

KEY FEATURES

  • Compatible with shared hosting, virtual private / dedicated servers and dedicated servers / clusters
  • Transparent content delivery network (CDN) management with Media Library, theme files and WordPress itself
  • Mobile support: respective caching of pages by referrer or groups of user agents including theme switching for groups of referrers or user agents
  • Accelerated Mobile Pages (AMP) support
  • Secure Socket Layer (SSL) support
  • Caching of (minified and compressed) pages and posts in memory or on disk or on (FSD) CDN (by user agent group)
  • Caching of (minified and compressed) CSS and JavaScript in memory, on disk or on CDN
  • Caching of feeds (site, categories, tags, comments, search results) in memory or on disk or on CDN
  • Caching of search results pages (i.e. URIs with query string variables) in memory or on disk
  • Caching of database objects in memory or on disk
  • Caching of objects in memory or on disk
  • Caching of fragments in memory or on disk
  • Minification of posts and pages and feeds
  • Minification of inline, embedded or 3rd party JavaScript (with automated updates)
  • Minification of inline, embedded or 3rd party CSS (with automated updates)
  • Browser caching using cache-control, future expire headers and entity tags (ETag) with “cache-busting”
  • JavaScript grouping by template (home page, post page etc) with embed location control
  • Non-blocking JavaScript embedding
  • Import post attachments directly into the Media Library (and CDN)
  • WP-CLI support for cache purging, query string updating and more
  • Various security features
  • Caching statistics for performance insights
  • Extension framework for customization or extensibility e.g. New Relic, Cloudflare, WPML and more
  • Reverse proxy integration via Nginx or Varnish

Improve the user experience for your readers without having to change WordPress, your theme, your plugins or how you produce your content.

Jetpack

Hassle-free design, marketing, and security — all in one place.

DESIGN SERVICES

Create and customize your WordPress site from start to finish. Jetpack helps you with:

  • Hundreds of professional themes for any kind of site
  • Intuitive and powerful customization tools
  • Unlimited and high-speed image and video content delivery network
  • Lazy image loading for a faster mobile experience
  • Integration with the official WordPress mobile apps

MARKETING SERVICES

Measure, promote, and earn money from your site. Jetpack helps you with:

  • Site stats and analytics
  • Automated social media posting and scheduling in advance
  • Elasticsearch-powered related content and site search
  • SEO tools for Google, Bing, Twitter, Facebook, and WordPress.com
  • Advertising program that includes the best of AdSense, Facebook Ads, AOL, Amazon, Google AdX, and Yahoo
  • Simple PayPal payment buttons

SECURITY SERVICES

Stop worrying about data loss, downtime, and hacking. Jetpack helps you with:

  • Brute force attack protection, spam filtering, and downtime monitoring
  • Daily or real-time backups of your entire site
  • Secure logins with optional two-factor authentication
  • Malware scanning, code scanning, and automated threat resolution
  • Fast, priority support from WordPress experts

 

Yoast Seo

Need some help with your search engine optimization? Need an SEO plugin that helps you reach for the stars? Yoast SEO is the original WordPress SEO plugin since 2008. It is the favorite tool of millions of users, ranging from the bakery around the corner to some of the most popular sites on the planet. With Yoast SEO, you get a solid toolset that helps you aim for that number one spot in the search results. Yoast: SEO for everyone.

Yoast SEO does everything in its power to please both visitors and search engine spiders. How? Below you’ll find a small sampling of the powers of Yoast SEO:

TAKING CARE OF YOUR WORDPRESS SEO

  • The most advanced XML Sitemaps functionality at the push of a button.
  • Full control over site breadcrumbs: add a piece of code and you’re good to go.
  • Set canonical URLs to avoid duplicate content. Never have to worry about Google penalties again.
  • Title and meta description templating for better branding and consistent snippets in the search results.

WRITE KILLER CONTENT WITH YOAST SEO

  • Content & SEO analysis: Invaluable tools to write SEO-friendly texts.
  • The snippet preview shows you how your post or page will look in the search results – even on mobile. Yoast SEO Premium even has social media previews!
  • [Premium] The Insights tool shows you what your text focuses on so you can keep your article in line with your keywords.
  • [Premium] Multiple focus keywords: Optimize your article for synonyms and related keywords.
  • [Premium] Automatic internal linking suggestions: write your article and get automatic suggested posts to link to.

KEEP YOUR SITE IN PERFECT SHAPE

  • Yoast SEO tunes the engine of your site so you can work on creating great content.
  • Our cornerstone content and internal linking features help you optimize your site structure in a breeze.
  • Integrates with Google Search Console: See how your site performs in the search engines and fix crawl errors.
  • Manage SEO roles: Give your colleagues access to specific sections of the Yoast SEO plugin.
  • Bulk editor: Make large-scale edits to your site.

Google XMP sitemaps

Use this plugin to greatly improve SEO to create special XML sitemaps which will help search engines like Google, Bing, Yahoo and Ask.com to better index your site.

With such a sitemap, it’s much easier for the crawlers to see the complete structure of your site and retrieve it more efficiently. The plugin supports all kinds of WordPress generated pages as well as custom URLs. Additionally it notifies all major search engines every time you create a post about the new content.

Google Analytics for WordPress by MonsterInsights

We believe that you shouldn’t have to hire a developer to add Google Analytics to your website. That’s why we built MonsterInsights, a complete Google Analytics for WordPress plugin that’s EASY and POWERFUL.

MonsterInsights allow you to connect your WordPress website with Google Analytics, so you can see how visitors find and use your website, so you can keep them coming back. Simply put, we show you the stats that matter.

With almost 15 million downloads, MonsterInsights is the most popular Google Analytics plugin for WordPress.

At MonsterInsights, user experience is our #1 priority. That’s why we make it extremely easy for you to connect and view your Google Analytics reports from inside your WordPress dashboard. Our tracking settings and workflows make MonsterInsights the most beginner friendly google analytics plugin in the market.

A list of few productivity plugins and useful websites for web developers

Browser Extensions

1. To know the platform and background details of any website – use Wappalyzer (chrome extension)
https://chrome.google.com/webstore/detail/wappalyzer/gppongmhjkpfnbhagpmjfkannfbllamg?hl=en

2. To protect privacy over internet, use privacy badger (chrome extension)
https://chrome.google.com/webstore/detail/privacy-badger/pkehgijcmpdhfbdbbnkijodmdjhbjlgp

3. To get away with distractions, use stayfocusd (chrome extension)
https://chrome.google.com/webstore/detail/stayfocusd/laankejkbhbdhmipfmgcngdelahlfoji

4. You hate CORS warnings in console, to get rid of them, use Allow-Control-Allow-Origin plugin for chrome
https://chrome.google.com/webstore/detail/allow-control-allow-origi/nlfbmbojpeacfghkpbjhddihlkkiljbi

5. Developers and sys admins keep playing with DNS all the time, but browsers use cache and are lazy in updating the record. Use DNS Flusher
https://chrome.google.com/webstore/detail/dns-flusher/nbomnjapnclaocillijpceooehonajnk

6. Sometimes, you just want to check the website before actually moving the DNS or IP record, use Virtual Hosts (chrome extension)
you can set IP of any domain name to anything
https://chrome.google.com/webstore/detail/virtual-hosts/aiehidpclglccialeifedhajckcpedom

7. JSONView – use this extension to view any json with indentation
https://chrome.google.com/webstore/detail/jsonview/chklaanhfefbnpoihckbnefhakgolnmc

8. For sharing screenshots very quick, you can use two plugins Nimbus screenshot and Lightshot
https://chrome.google.com/webstore/detail/lightshot-screenshot-tool/mbniclmhobmnbdlbpiphghaielnnpgdp?hl=en

https://chrome.google.com/webstore/detail/nimbus-screenshot-screen/bpconcjcammlapcogcnnelfmaeghhagj?hl=en

Useful Websites

HTML Online Editor

Free online HTML editor with WYSIWYG and source composer and instant preview and many useful built-in features

Stack Overflow

Huge programmer community where you usually don’t have to ask for help because probably someone has already answered the same question.

W3Schools

The place to learn web technologies. There’s a big chance that this site gives the first search result when you’re looking for a HTML term.

Github

Collaborate with other developers. Fork, send pull requests and manage all your public and private git repositories.

Built With

Enter a domain name to find out who is hosting it, what CMS and framework is used and many other insights.

Thum.IO

Fast real-time website screenshot API. If you are a backend guy, handling multiple sites and uptime can get messy. This api can really help you in managing the tasks relating to visibility of your website across the web.

HTML Color Codes

Search and save color codes. Search by name or mix the RGB, HSV or CMYK values. Use the generated HTML/CSS codes.

Freepik

Browse the large directory of free photos, vector arts, icons, illustrations, PSD files at FreePic.

PageSpeed Insights

This tool by Google analyzes the submitted link from mobile and desktop to suggest you what to consider optimizing.

Google Fonts

An interactive directory of over 800 free hosted web fonts. It allows to optimize loading speed by including only what you need.

Placehold.it

Image placeholders with customizable size. Just add the image resolution after the domain name, for example placehold.it/400×250

Speed Test by GT-Metrix

Analize the loading speed of a website from many available servers. The website creates a detailed analysis with screenshot and waterfall view.

Similar sites- Pingdom  and WebpageTest.org

FontAwesome

The most popular icon set based on CSS and LESS. The vector icons can be customized as text – size, color, drop shadow

XML Sitemaps

Generate XML sitemaps and URL list of a website. The crawl limit is 500 pages.

Post Image

Post images online for free and share them via links on messages, forums or emails

Codepen

Register to create, save and share HTML-CSS-JS code snippets and run them online.

Write PHP Online

Name suggests it all. Post your code and see what it does. In PHP

Pastebin

Pastebin is a website where you can store text online for a set period of time and share it with anybody or privately